v4.5.0

@github-actions github-actions released this 10 Jun 22:09
· 29 commits to main since this release

v4.5.0 (2024-06-10)

Chore

  • chore: shield_ossf-best-practices subbary

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (1a1ad60)

Ci

  • ci: modernize artifact action (#737)

supersedes #625
supersedes #624


Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (1222201)

Documentation

  • docs: exclude dep bumps from changelog (#750)

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (3d02d6a)

  • docs: OSSF best practice badge percentage

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (5717803)

Feature

  • feat: environment - gather declared license information according to PEP639 (#755)

From Python environments, gather additional declared license information
according to PEP 639 (improving license clarity with better package metadata).

New CLI switches for cyclonedx environment:

  • --PEP-639: Enable license gathering according to PEP 639 (improving
    license clarity with better package metadata).
    The behavior may change during the draft development of the PEP.
  • --gather-license-texts: Enable license text gathering.

In the current state of implementation, --gather-license-texts has an effect
only if --PEP-639 is also given.


Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (e9cc805)

Refactor

  • refactor: const for purl type pypi (#754)

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (cba521e)

  • refactor: extred -> extref (#753)

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com> (a178d2e)

Unknown

  • Create config.yml

Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> (f13311b)

  • Rename feature_request.md to 1-feature_request.md

Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> (c4b15d8)

  • Rename bug_report.md to 2-bug_report.md

Signed-off-by: Jan Kowalleck <jan.kowalleck@owasp.org> (58199a5)


What's Changed

  • chore(deps-dev): Update mypy requirement from 1.9.0 to 1.10.0 by @dependabot in #731
  • chore(deps-dev): Update coverage requirement from 7.4.4 to 7.5.0 by @dependabot in #732
  • chore(deps-dev): Update flake8-bugbear requirement from 24.2.6 to 24.4.26 by @dependabot in #733
  • chore(deps-dev): Update tox requirement from 4.14.2 to 4.15.0 by @dependabot in #734
  • ci: modernize artifact action by @jkowalleck in #737
  • chore(deps-dev): Update coverage requirement from 7.5.0 to 7.5.1 by @dependabot in #739
  • chore(deps-dev): Update flake8-annotations requirement from 3.0.1 to 3.1.0 by @dependabot in #740
  • chore(deps-dev): Update flake8-annotations requirement from 3.1.0 to 3.1.1 by @dependabot in #743
  • chore(deps-dev): Update pep8-naming requirement from 0.13.3 to 0.14.1 by @dependabot in #744
  • chore(deps-dev): Update coverage requirement from 7.5.1 to 7.5.3 by @dependabot in #747
  • docs: exclude dep bumps from changelog by @jkowalleck in #750
  • chore(deps-dev): Update autopep8 requirement from 2.1.0 to 2.2.0 by @dependabot in #748
  • chore(deps-dev): Update tox requirement from 4.15.0 to 4.15.1 by @dependabot in #751
  • refactor: extred -> extref by @jkowalleck in #753
  • refactor: const for purl type pypi by @jkowalleck in #754
  • feat: environment - gather declared license information according to PEP639 by @jkowalleck in #755

Full Changelog: v4.4.3...v4.5.0